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DETAILED ACTION 

Request for Continued Examination 

1. A request for continued examination under 37 CFR 1.114, including the fee set forth in 
37 CFR 1 .17(e), was filed in this application after final rejection. Since this application is 
eligible for continued examination under 37 CFR 1 . 1 1 4, and the fee set forth in 37 CFR 

1 .17(e) has been timely paid, the finality of the previous Office action has been 
withdrawn pursuant to 37 CFR 1.114. 

2. Amendment received December 9, 2004 has been entered into record. Claims 1, 3-1 1, 
13-16, 18, and 20-23 remain pending. 

Response to Amendment 

3. This office action is in response to the applicants Amendment filed on December 9, 
2004. Applicant amended claims 1, 4, 7-8, and 10-11. Claims 1, 3-11, 13-16, 18, and 
20-23 are presented for further consideration and examination. 

Claim Rejections - 35 USC § 103 

4. The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or 
described as set forth in section 102 of this title, if the differences between the subject 
matter sought to be patented and the prior art are such that the subject matter as a 
whole would have been obvious at the time the invention was made to a person having 
ordinary skill in the art to which said subject matter pertains. Patentability shall not be 
negatived by the manner in which the invention was made. 
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5. Claims 1. 3-5, 7-11. 13-14. 16. 18. and 20-23 are rejected under 35 U.S.C. 103(a) as 

being unpatentable over Merchant et al. (US006775290B1 ), in view of Rijhsinghani et al. 
(US006526052B1), and further in view of Denning et al. (Location-Based Authentication: 
Grounding Cyberspace for Better Security; copy right 1996; pages 1-6). 



6. . With regard to claims 1. 7. and 18 . Merchant discloses, 

• a processor that communicates with an access concentrator to receive a plurality 
of port identifiers assigned by the access concentrator wherein each port 
identifier is associated with a location-specific connection port that provides 
connection for one or more hosts, the processor further determines which of the 
location-specific connection ports are currently accessing the network-by 
associating each of the received port identifiers with a location-specific 
connection port : and (Merchant, col.1 , lines 52-63; col.2, lines 48-57) 
Merchant teaches of "storing VLAN data indicating a plurality of VLAN identifiers 
corresponding to the multiple VLANs supported by the port" and determining the 
active connections by comparing "the VLAN identifier of a data packet received 
via the port . . . with the plurality of VLAN identifiers ...[of] the stored VLAN data" 
(Merchant, col.1, lines 54-59). 

However, Merchant does not explicitly disclose, 

• port identifiers assigned by the access concentrator wherein each port identifier 
is associated with a location-specific connection port that provides connection for 
one or more hosts 

Rijhsinghani teaches, 
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• port identifiers assigned by the access concentrator wherein each port identifier 
is associated with a location-specific connection port that provides connection for 
one or more hosts (Rijhsinghani, col.7, line 63 - col. 8, line 5; col. 9, lines 37-58; 
fig.5) 

Rijhsinghani teaches of switches (270', 275', 280") that are capable of 
"[determining] the appropriate VLAN tag to add to the communication before 
transmission via the trunk port to the high speed LAN backbone or trunk 265"' 
(Rijhsinghani, col. 9, lines 39-42) and ultimately through the "trunk station 285 
[which] may, for example, be a network server or other network resource to 
which some or all of the members of LANs may require high speed access from 
time to time or on a continuous basis as is known in the art" (Rijhsinghani, col.7, 
line 63 - col. 8, line 1). 
Therefore, it would have been obvious to one of ordinary skill in the art at the time of 
the invention was made to combine Rijhsinghani reference with Merchant reference 
to "increase the flexibility of network switching ... [by] providing a network switch that 
enables each switch port to support connections with members of multiple VLANs" 
(Rijhsinghani, col.1, lines 45-49). In addition, Merchant mentions switches using 
VLAN and VLAN identifiers; and it is well known in the networking art that VLAN 
consists of groups of hosts that are on physically different segments but that 
communicate as though they were on the same wire by using VLAN identifiers. 
However, Merchant and Rijhsinghani do not explicitly disclose, 

• a database associated with the network gateway device that stores the location- 
specific connection ports for the purpose of identifying one or more hosts 
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associated with the connection port that have been granted network 
authorization. 
Denning teaches, 

• a database associated with the network gateway device that stores the location- 
specific connection ports for the purpose of identifying one or more hosts 
associated with the connection port that have been granted network 
authorization. (Denning, pg.2, para. 2). 

Denning teaches of "[determining] whether a person is attempting to log in from 
an approved location, e.g., a user's office building or home" (Denning, pg.2, 
para.2, lines 3-4). Denning also suggests that using "the login location ...to 
identify the place of login as well as to authenticate it" (Denning, pg.2, para.2, 
lines 6-8). Both Merchant and Rijhsinghani include databases or tables for 
storing the VLAN data, which ultimately maps the VLAN identifier to the 
connecting VLAN port. 
Therefore, it would have been obvious to one of ordinary skill in the art at the time of 
the invention was made to combine Denning reference with Merchant and 
Rijhsinghani references to "increase the flexibility of network switching ... [by] 
providing a network switch that enables each switch port to support connections with 
members of multiple VLANs" (Rijhsinghani, col.1 , lines 45-49) and to use "the login 
location ...to identify the place of login as well as to authenticate it" (Denning, pg.2, 
para.2, lines 6-8). In addition, according to Denning, the "use of geodetic location 
can supplement or complement other methods of authentication" and that "its value 
added is a high level of assurance against intrusion from any unapproved location 
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regardless of whether the other methods have been compromised" (Denning, pg.2, 
para. 6) 

7. With regard to claim 3 , Merchant, Rijhsinghani, and Denning disclose, 

• wherein the processor uses VLAN protocol as a communication link between the 
processor and the access concentrator. (Merchant, col.1, lines 52-63; col.2, lines 
48-57; Rijhsinghani, col. 7, line 63- col.8, line 5; col. 9, lines 37-58;, fig. 5) 



8. With regard to claims 4-5 . Merchant, Rijhsinghani, and Denning disclose, 

• wherein the processor further comprises a querying agent capable of requesting 
transmission of the plurality of port identifiers from the associated access 
concentrator. (Rijhsinghani, col.7, line 49 - col.8, line 5; col.8, lines 35-41 ; col.9 t 
lines 31-46) 

• wherein the querying agent uses Simple Network Management Protocol (SNMP) 
as the communication link between the network device and the access 
concentrator. (Rijhsinghani, col J, line 49- col.8, line 5; col.8, lines 35-41; col.9, 
lines 31-46) 

9. With regard to claims 8-1 1 13 and 16 , Merchant, Rijhsinghani, and Denning disclose, 

• wherein identifying the location-specific, connection port of each of the hosts at 
an access concentrator further comprises tagging the data packets being sent 
from each host with one of a plurality of port identifiers at an access concentrator. 
(Merchant, col.1, lines 52-63; col.2, lines 48-57; Rijhsinghani, col.7, line 63- . 
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col. 8, line 5; col. 9, lines 24-30, lines 37-58; col. 10, lines 34-43; col.11, lines 5-10; 
fig.5) 

• wherein communicating the port identifier to a network gateway device further 
comprises transmitting tagged data packets to a network gateway device. 
(Merchant, col.1, lines 52-63; col.2, lines 48-57; Rijhsinghani, col. 7, line 63- 
col.8, line 5; col.9, lines 24-30, lines 37-58; coUO, lines 34-43; col.11, lines 5-10; 
fig.5) 

• wherein tagging the data packets being sent from each host with one of a 
plurality of port identifiers further comprises tagging the data packets being sent 
from each host with one of a plurality of port identifiers that corresponds to a 
media access control (MAC) address. (Merchant, col.1, lines 38-42, lines 52-63; 
col.2, lines 48-57; Rijhsinghani, col. 7, line 63 - col. 8, line 5; col.9, lines 24-30, 
lines 37-58; col. 10, lines 34-43; col.1 1, lines 5-10; fig.5) 

• wherein tagging the data packets being sent from each host with one of a 
plurality of port identifiers includes implementing the use of VLAN protocol. 
(Merchant, col.1, lines 38-42, lines 52-63; col.2, lines 48-57; Rijhsinghani, col.7, 
line 63- col. 8, line 5; col.9, lines 24-30, lines 37-58; col. 10, lines 34-43; col.1 1, 
lines 5-10; fig.5) 

10. With regard to claim 14 . Merchant, Rijhsinghani, and Denning disclose, 

• wherein transmitting a port requesting query from the network gateway device 
further comprises transmitting a SNMP (Simple Network Management Protocol) 
query. (Rijhsinghani, col.7, line 49-col.8, line 5; col. 8, lines 35-41; col.9, lines 
31-46) 
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1 1 . With regard to claims 20-23 , Merchant, Rijhsinghani, and Denning disclose, 

• further comprising executing the network system application at the network 
gateway device. (Merchant, col.1, lines 52-63; col.2, lines 48-57; Rijhsinghani, 
col.7, line 63 - col.8, line 5; col.9, lines 24-30, lines 37-58; col.10, lines 34-43; 
col.11, lines 5-10; fig. 5) 

• wherein communicating the port identifier to a network gateway device further 
comprises transmitting tagged data packets to a network gateway device. 
(Merchant, col.1, lines 38-42, lines 52-63; col.2, lines 48-57; Rijhsinghani, col.7, 
line 63 - col.8, line 5; col.9, lines 24-30, lines 37-58; col.10, lines 34-43; col.1 1, 
lines 5-10; fig. 5; Denning, pg.2, para.2, 6; pg.3, para.1; pg.5, para.4, 6) 

• wherein applying results of the identification to a network system application 
further comprises applying the identified one or more connection ports to an 
authorization application that provides authorization to network subscribers 
based on location. (Merchant, col.1, lines 38-42, lines 52-63; col.2, lines 48-57; 
Rijhsinghani, col.7, line 63 - col.8, line 5; col.9, lines 24-30, lines 37-58; col.10, 
lines 34-43; col.1 1, lines 5-10; fig. 5; Denning, pg.2, para.2, 6) 

• wherein applying the results of the identification to a network system application 
further comprises applying the identified one or more of connection port to 
determine port-specific information that will be communicated to a connection 
port (Merchant, col.1, lines 38-42, lines 52-63; col.2, lines 48-57; Rijhsinghani, 
col.7, line 63 - col.8, line 5; col.9, lines 24-30, lines 37-58; col.10, lines 34-43; 
col.1 1, lines 5-10; fig. 5) 
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12. Claims 6 and 15 are rejected under 35 U.S.C. 103(a) as being unpatentable over 
Merchant et al. (US006775290B1 ), in view of Rijhsinghani et al. (US006526052B1 ), 
further in view of Denning et al. (Location-Based Authentication: Grounding Cyberspace 
for Better Security; copy right 1996; pages 1-6), and further in view of 

13. With regard to claims 6 and 15. Merchant, Rijhsinghani, and Denning disclose, 

See claims 4 and 13 rejections as detailed above. 

However, Merchant, Rijhsinghani, and Denning do not explicitly disclose, 

• wherein the querying agent uses Extensible Markup Language (XML) as the 
communication between the network device and the access concentrator 

Hunt teaches, 

• wherein the querying agent uses Extensible Markup Language (XML) as the 
communication between the network device and the access concentrator. (Hunt, 
abstract, lines 9-14; col. 15, lines 39-43; module 231 on sheet 2, fig.2). 

Therefore, it would have been obvious to one of ordinary skill in the art at the time of 
the invention was made to combine Hunt reference with Merchant, Rijhsinghani, and 
Denning references to "increase the flexibility of network switching ... [by] providing a 
network switch that enables each switch port to support connections with members 
of multiple VLANs" (Rijhsinghani, col.1, lines 45-49) and to use "the login location ... 
to identify the place of login as well as to authenticate it" (Denning, pg.2, para.2, lines 
6-8). In addition, according to Denning, the "use of geodetic location can supplement 
or complement other methods of authentication" and that "its value added is a high 
level of assurance against intrusion from any unapproved location regardless of 
whether the other methods have been compromised" (Denning, pg.2, para.6) 
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Response to Arguments 

14. Applicant's arguments with respect to claims 1, 3-11, 13-16, 18, and 20-23 have been 
considered but are moot in view of the new ground(s) of rejection. 

Conclusion 

15. The prior art made of record and not relied upon is considered pertinent to applicant's 
disclosure: 

• Van Home et al. (US006460084B1 ) is related to a concentrator for use in a 
multiple-network system is provided. The multiple-network system contains a 
plurality of networks. 

• Taghadoss (US0061 75867B1 ) relates generally to computer networks and, more 
particularly, to computer communication with networks. 

16. Any inquiry concerning this communication or earlier communications from the examiner 
should be directed to Thomas Duong whose telephone number is 571/272-3911. The 
examiner can normally be reached on M-F 7:30AM - 4:00PM. If attempts to reach the 
examiner by telephone are unsuccessful, the examiner's supervisor, Valencia Martin- 
Wallace can be reached on 571/272-6159. The fax phone numbers for the organization 
where this application or proceeding is assigned are 703/872-9306 for regular 
communications and 703/872-9306 for After Final communications. 

Thomas Duong (AU2145) 
March 18, 2005 
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